1. (Currently Amended) Apparatus for use by a first party for key 
management for secure communication with a second party, said key management 
being to provide at each party, simultaneously remotely, identical keys for said secure 
communication without transferring said keys or components thereof over any 
communication link, the apparatus comprising: 

a datastream extractor, configured to extract a bitstream from data exchanged 
between said parties; 

a random selector configured with selection settings identical to those at said 
second party, said selection settings defining a selection [[for selecting]], from said 
bitstream, of a series of bits in accordance with a randomization within said random 
selector, said randomization seeded by said data exchanged between said parties, said 
randomization being identical to a randomization carried out at said second party, 
thereby ensuring that said series of bits is [[identical]] identically selected at both parties; 

a key generator configured for separately generating at said first party a key 
for encryption/decryption based on said series of bits, 

thereby to separately generate a key at said first party which is identical to a 
key likewise generated at said second party based on said exchanged information, 
thus to manage key generation in a manner repeatable at said parties, without 
transferring said keys or components thereof over any communication link. 

2. (Original) Apparatus according to claim 1, the random selector being 
operable to use results of said randomization as addresses to point to bits in said 
datastream. 

3. (Original) Apparatus according to claim 1, said key generator operable to 
generate a new key after a predetermined number of message bits have been 
exchanged between said parties. 
4. (Original) Apparatus according to claim 3, said predetermined number of 
message bits being substantially equal to a length in bits of said key. 

5. (Original) Apparatus according to claim 1, further comprising a control 
messager for sending control messages to said remote party, thereby to indicate to 
said remote party a state of said apparatus to enable said remote party to determine 
whether said remote party is synchronized therewith to generate an identical key. 

6. (Original) Apparatus according to claim 5, further comprising a 
synchronized state determiner, for determining from control messages received from a 
remote party whether said apparatus is synchronized therewith to generate an identical 
key. 

7. (Original) Apparatus according to claim 6, further comprising a 
resynchronizer, associated with said synchronous state determiner, said 
resynchronizer having a resynchronization random selector for selecting, from a part 
of said bitstream previously used by said random selector, a series of bits in 
accordance with a randomization seeded by said data exchanged between said 
parties, in the event of determination of synchronization loss, thereby to regain 
synchronization. 

8. (Original) Apparatus according to claim 7, wherein said series of bits is a 
series of bits previously used by said random selector. 

9. (Original) Apparatus according to claim 6, wherein said control messager 
is operatively connected to said synchronous state determiner, thereby to include 
within said control messages a determination of synchronization loss. 
10. (Original) Apparatus according to claim 7, wherein said control messager 
is operatively connected with said resynchronizer, to control said resynchronizer to 
carry out said selection in the event of receipt of a message from said remote party 
that said remote party has lost synchronization. 

11. (Original) Apparatus according to claim 7, said data communication 
being arranged in cycles, said part of said bitstream being exchangeable in each cycle. 

12. (Original) Apparatus according to claim 11, said cycle being arranged 
into sub-units, each said cycle having an exchange point at its beginning for carrying 
out said exchange. 

13. (Original) Apparatus according to claim 10, said messager being usable to 
exchange control messages with said remote party to ensure that a same bitstream 
part is used for resynchronization at both said parties. 

14. (Original) Apparatus according to claim 12, said messager being usable to 
vary a control message in accordance with a sub-cycle current at a synchronization 
loss event, thereby to control said remote party to resynchronize using a same 
bitstream part. 

15. (Original) Apparatus according to claim 14, operable to respond to 
messages sent by a remote party following said synchronization loss event, to revert 
to same said bitstream part as said message indicates that said remote party intends to 
use. 

In re Application of: Eli YANOVSKY 

Serial No.: 10/520,274 

Filed: January 18, 2005 

Office Action Mailing Date: August 4, 2009 

Examiner: KANAAN Simon P. 
Group Art Unit: 2432 
Attorney Docket: 29238 

16. (Original) Apparatus according to claim 1, comprising circuitry for 
determining which of itself and said remote party is a transmitting party and being 
operable to control said synchronization when it is a transmitting party and to respond 
to control commands of said remote party when said remote party is said transmitting 
party. 

17. (Original) Apparatus according to claim 6, wherein said synchronized 
state determiner comprises: 

a calculation circuit for carrying out an irreversible calculation on any one of 
said bitstream, said randomization, said key and derivations thereof, and 

a comparator for comparing a result of said calculation with a result received 
from said remote party, 

thereby to determine whether said parties are in synchronization. 

18. (Original) Apparatus according to claim 17, wherein said irreversible 
calculation comprises a one-way function. 

19. (Original) Apparatus according to claim 1, said system being operable to 
provide key management for a symmetric cryptography algorithm. 

20. (Original) Apparatus according to claim 19, being constructed 
modularwise such that said cryptography algorithm is exchangeable. 

21. (Currently Amended) A system for providing key management 
between at least two separate parties, the system comprising 

a primary bitstream for exchange between said parties, 
and at each party: 

a selector configured with identical settings[[, for]], said settings defining a 
random selection [[randomly selecting]], at predetermined selection intervals, of parts of 
said primary bitstream to form a derived bit source, each selector being operable to 
use said derived bit source, in an identical manner, to randomize said selecting, said 
identical settings ensuring that each party derives an identical derived bit source, and 

a key generator configured for separately generating at each of said separate 
parties cryptography keys at predetermined key generating intervals using said 
derived bit source of a corresponding selection interval, said cryptographic keys being 
identical at each of said separate parties. 

22. (Original) A system according to claim 21, wherein said primary 
bitstream is obtainable as a stream of bits from a data communication process 
between said two parties. 

23. (Original) A system according to claim 21, wherein said bits in said 
primary bitstream are separately identifiable by an address, and wherein said selector 
is operable to select said bits by random selection of addresses. 

24. (Original) A system according to claim 21, wherein each selector 
comprises an address generator and each address generator is identically set. 

25. (Original) A system according to claim 21, further comprising a controller 
for exchanging control data between said parties to enable each party to determine 
that each selector is operating synchronously at each party. 

26. (Original) A system according to claim 25, wherein said control data 
includes any one of a group comprising: 

redundancy check data, and 
a hash encoding result, 
of at least some of the bits from said derived bit source. 

27. (Original) A system according to claim 25, wherein said control data 
includes any one of a group comprising: 

redundancy check data, and 
a hash encoding result, 
of at least some of the bits of said randomization. 

28. (Original) A system according to claim 25, wherein said control data 
includes any one of a group comprising: 

redundancy check data, and 
a hash encoding result, 
of at least some of the bits from said key. 

29. (Original) A system according to claim 25, wherein said control data 
includes any one of a group comprising: 

redundancy check data of at least some of said addresses, and 
a hash encoding result of at least some of said addresses. 

30. (Original) A system according to claim 25, further comprising at each 
party a resynchronizer operable to determine from said control data that 
synchronization has been lost between the parties and to regain synchronization based 
on a predetermined earlier part of said derived bit source. 

31. (Original) A system according to claim 22, further comprising at each 
party a resynchronizer operable to determine from control data exchanged between 
said parties that synchronization has been lost between said parties and to regain 
synchronization based on a predetermined earlier part of said derived bit source. 

32. (Original) A system according to claim 31, said data communication 
process being arranged in cycles, said predetermined earlier part being exchangeable 
in each cycle. 
33. (Original) A system according to claim 32, said cycles being arranged into 
sub-units, each said cycle having an exchange point at its beginning for carrying out 
said exchange of said predetermined earlier part of said derived bit source. 

34. (Original) A system according to claim 30, said controller being usable to 
include in said control messages, data to ensure that a predetermined earlier part of 
said derived bit source of a same cycle is used for resynchronization at both said 
parties. 

35. (Original) A system according to claim 33, said controller being usable to 
vary a control message in accordance with a sub-cycle current at a synchronization 
loss event, thereby to control said remote party to resynchronize using same said 
predetermined earlier part of said derived bit source. 

36. (Original) A system according to claim 35, operable to respond to 
messages sent by a remote party following said synchronization loss event, to revert 
to same said predetermined earlier part of said derived bit source as said message 
indicates that said remote party intends to use. 

37. (Currently Amended) A method of key management with at least one 
remote party, comprising the steps of: 

sharing with said remote party a primary data stream, 

using said primary data stream and identical settings at each party to form an 
identical randomizer at each party, 

selecting parts of said primary data stream using said identical randomizer at 
each party to form identical derived data sources independently at each party, and 

using said derived data source to form identical cryptography keys separately 
at different parties at predetermined intervals. 
38. (Original) A method according to claim 37, wherein said primary data 
source is obtainable as a stream of bits from a communication process between said 
two parties. 

39. (Original) A method according to claim 37, wherein said primary data 
source comprises a stream of data bits divisible into data units and comprising 
selecting at random from the data bits of each data unit. 

40. (Original) A method according to claim 39, wherein said bits in said data 
units are separately identifiable by addresses, and comprising selecting said bits by 
using said randomizer as an address pointer. 

41. (Original) A method according to claim 37, wherein selecting is carried 
out by using identically set pseudorandom data generation at each party, and using 
said derived data source as a seed for said pseudorandom data generation. 

42. (Original) A method according to claim 37, further comprising 
exchanging control data between said parties to enable each party to determine 
whether they are operating synchronously with said other party. 

43. (Original) A method according to claim 42, wherein said control data 
includes any one of a group comprising: 

redundancy check data of at least some of said derived data source, and 
a hash encoding result of at least some of said derived data source. 

44. (Original) A method according to claim 42, comprising determining from 
said control data that synchronization has been lost between the parties and regaining 
synchronization based on a predetermined earlier part of said derived data source. 
45. (Original) A method according to claim 44, further comprising a step of 
exchanging said predetermined earlier part of said derived data source at 
predetermined intervals. 

46. (Original) A method according to claim 45, further comprising steps of: 

determining a possibility of each party being at a different cycle at 
synchronization loss, and 

controlling said resynchronization to use a same predetermined earlier part of 
said derived data source at both parties. 

47. (Original) A method according to claim 45, further comprising creating in 
advance a future cycle's predetermined earlier part of said derived data source for 
resynchronizing with a party that has already moved to such a cycle. 

48. (Original) A method according to claim 37, in use to provide key 
management for a symmetric cryptography algorithm. 
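The following is an added worked example, not part of the application and not the applicant's implementation, of the scheme the claims describe end to end: a bitstream extracted from exchanged data (claims 1, 22, 38), an address generator seeded by that data and re-seeded by the derived bits (claims 2, 23, 40, 41), a key generated per cycle of KEY_BITS message bits (claims 3, 4), a one-way-function sync token compared by the other party (claims 17, 18, 27, 43), and resynchronization from a state saved at the exchange point of a cycle (claims 30, 33, 44, 45). Everything concrete is an assumption of this example: SHA-256 stands in for the unspecified one-way function and pseudorandom address generator, PRIMARY_STREAM is constructed sample traffic, SETTINGS is a constructed value for the "identical settings" at both parties, and the Party class, its method names and the checkpoint model are this example's own design.

```python
import hashlib
import struct

# Constructed sample of "data exchanged between said parties": in the claimed
# apparatus each party extracts this bitstream from its own copy of the traffic.
PRIMARY_STREAM = bytes(range(256)) * 4            # 1024 bytes = 8192 addressable bits
KEY_BITS = 128                                    # key length; new key per KEY_BITS message bits (claims 3, 4)
SETTINGS = b"identical-selector-settings-v1"      # assumed: configured identically at both parties


def h(*parts: bytes) -> bytes:
    """One-way function for the address generator, key generator and sync check (assumed: SHA-256)."""
    return hashlib.sha256(b"".join(parts)).digest()


def extract_bits(data: bytes) -> list[int]:
    """Datastream extractor: exchanged bytes -> bitstream in which every bit has an address."""
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]


def pack_bits(bits: list[int]) -> bytes:
    """Pack the selected bits into bytes so they can be fed to the hash."""
    return int("".join(str(b) for b in bits), 2).to_bytes((len(bits) + 7) // 8, "big")


class Party:
    """One endpoint: datastream extractor + random selector + key generator + sync logic."""

    def __init__(self, settings: bytes, exchanged: bytes) -> None:
        self.bits = extract_bits(exchanged)
        self.cycle = 0
        # randomization seeded by the settings and the exchanged data (claim 1)
        self.seed = h(b"seed", settings, exchanged[:KEY_BITS // 8])
        self.checkpoint = (self.cycle, self.seed)  # earlier state kept for resynchronization (claim 30)

    def _addresses(self, count: int, window_len: int) -> list[int]:
        """Address generator: the seeded randomization yields pointers into the current window (claim 2)."""
        return [int.from_bytes(h(b"addr", self.seed, struct.pack(">I", i))[:4], "big") % window_len
                for i in range(count)]

    def next_key(self) -> bytes:
        """Key generator: select KEY_BITS bits from this cycle's window and hash them into a key."""
        start = self.cycle * KEY_BITS
        window = self.bits[start:start + KEY_BITS]
        if len(window) < KEY_BITS:
            raise ValueError("primary bitstream exhausted")
        derived = pack_bits([window[a] for a in self._addresses(KEY_BITS, len(window))])
        self.seed = h(b"reseed", self.seed, derived)   # derived bits re-seed the randomizer (claim 41)
        self.cycle += 1
        return h(b"key", derived)

    def sync_token(self) -> bytes:
        """Control-message payload: one-way function of the randomization state (claims 17, 18, 27)."""
        return h(b"sync", self.seed, struct.pack(">I", self.cycle))

    def exchange_point(self) -> None:
        """Record the state at the start of a cycle as the predetermined earlier part (claim 33)."""
        self.checkpoint = (self.cycle, self.seed)

    def resynchronize(self) -> None:
        """Regain synchronization from the saved earlier part (claim 30)."""
        self.cycle, self.seed = self.checkpoint


def demo() -> dict:
    alice = Party(SETTINGS, PRIMARY_STREAM)
    bob = Party(SETTINGS, PRIMARY_STREAM)
    identical = alice.next_key() == bob.next_key() and alice.sync_token() == bob.sync_token()

    alice.exchange_point()
    bob.exchange_point()
    alice.next_key()                                # Alice advances a cycle that Bob never processes
    lost = alice.sync_token() != bob.sync_token()   # comparator at either side detects the mismatch

    alice.resynchronize()
    bob.resynchronize()
    regained = alice.next_key() == bob.next_key() and alice.sync_token() == bob.sync_token()

    # a party holding different selector settings derives a different key from the same stream
    other = Party(b"other-settings", PRIMARY_STREAM)
    settings_matter = other.next_key() != Party(SETTINGS, PRIMARY_STREAM).next_key()
    return {"identical_keys": identical, "loss_detected": lost,
            "resynchronized": regained, "settings_matter": settings_matter}


if __name__ == "__main__":
    print(demo())
```

Two points a practitioner would take from running it. First, every key is a deterministic function of the exchanged stream, which both parties can observe, plus the selector settings and the re-seeded state, so the confidentiality of the keys rests entirely on those settings and that state never being observable; the claims say nothing about how the settings are provisioned, and that step has to be treated as the real key-distribution problem. Second, the sync token is a one-way function of the state, as claims 17 and 18 require, so exchanging it lets the comparator detect loss of synchronization without revealing the state itself.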

